Initial homelab gateway config
This commit is contained in:
parent
7b09b4b7e5
commit
72693ea8a7
3 changed files with 99 additions and 0 deletions
59
namespaces/homelab/gateway.yaml
Normal file
59
namespaces/homelab/gateway.yaml
Normal file
|
|
@ -0,0 +1,59 @@
|
||||||
|
---
|
||||||
|
apiVersion: gateway.networking.k8s.io/v1
|
||||||
|
kind: Gateway
|
||||||
|
metadata:
|
||||||
|
name: homelab-gateway
|
||||||
|
namespace: homelab
|
||||||
|
spec:
|
||||||
|
gatewayClassName: traefik
|
||||||
|
listeners:
|
||||||
|
- allowedRoutes:
|
||||||
|
namespaces:
|
||||||
|
from: Selector
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
homelab-access: "true"
|
||||||
|
name: web
|
||||||
|
port: 8000
|
||||||
|
protocol: HTTP
|
||||||
|
- allowedRoutes:
|
||||||
|
namespaces:
|
||||||
|
from: Selector
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
homelab-access: "true"
|
||||||
|
name: websecure
|
||||||
|
port: 8443
|
||||||
|
protocol: HTTPS
|
||||||
|
tls:
|
||||||
|
mode: Terminate
|
||||||
|
certificateRefs:
|
||||||
|
- kind: Secret
|
||||||
|
name: infisical-self-signed-cert
|
||||||
|
- allowedRoutes:
|
||||||
|
namespaces:
|
||||||
|
from: Selector
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
homelab-access: "true"
|
||||||
|
name: postgres
|
||||||
|
port: 5432
|
||||||
|
protocol: TCP
|
||||||
|
- allowedRoutes:
|
||||||
|
namespaces:
|
||||||
|
from: Selector
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
homelab-access: "true"
|
||||||
|
name: redis
|
||||||
|
port: 6379
|
||||||
|
protocol: HTTP
|
||||||
|
- allowedRoutes:
|
||||||
|
namespaces:
|
||||||
|
from: Selector
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
homelab-access: "true"
|
||||||
|
name: ollama
|
||||||
|
port: 11434
|
||||||
|
protocol: HTTP
|
||||||
7
namespaces/homelab/namespace.yaml
Normal file
7
namespaces/homelab/namespace.yaml
Normal file
|
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
homelab-access: "true"
|
||||||
|
name: homelab
|
||||||
33
namespaces/homelab/secrets.yaml
Normal file
33
namespaces/homelab/secrets.yaml
Normal file
|
|
@ -0,0 +1,33 @@
|
||||||
|
---
|
||||||
|
apiVersion: secrets.infisical.com/v1alpha1
|
||||||
|
kind: InfisicalSecret
|
||||||
|
metadata:
|
||||||
|
name: homelab-sslcert-secrets
|
||||||
|
namespace: infisical
|
||||||
|
labels:
|
||||||
|
label-to-be-passed-to-managed-secret: homelab
|
||||||
|
annotations:
|
||||||
|
example.com/annotation-to-be-passed-to-managed-secret: "homelab"
|
||||||
|
spec:
|
||||||
|
hostAPI: https://app.infisical.com/api
|
||||||
|
resyncInterval: 10
|
||||||
|
authentication:
|
||||||
|
# Universal Auth
|
||||||
|
universalAuth:
|
||||||
|
secretsScope:
|
||||||
|
projectSlug: homelab-n-f-yj
|
||||||
|
envSlug: prod
|
||||||
|
secretsPath: "/homelab" # Root is "/"
|
||||||
|
recursive: true # Whether or not to use recursive mode (Fetches all secrets in an environment from a given secret path, and all folders inside the path) / defaults to false
|
||||||
|
credentialsRef:
|
||||||
|
secretName: universal-auth-credentials
|
||||||
|
secretNamespace: infisical
|
||||||
|
managedSecretReference:
|
||||||
|
secretName: infisical-self-signed-cert
|
||||||
|
secretNamespace: homelab
|
||||||
|
creationPolicy: "Orphan" ## Owner | Orphan
|
||||||
|
secretType: kubernetes.io/tls
|
||||||
|
template:
|
||||||
|
data:
|
||||||
|
tls.crt: "{{ .TLS_CERT.Value }}"
|
||||||
|
tls.key: "{{ .TLS_KEY.Value }}"
|
||||||
Loading…
Add table
Reference in a new issue